package com.mmd.tencent.util;

import com.alibaba.fastjson.JSONObject;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

public class WechatUtils {

    public static String decryptData(String encryptDataB64, String sessionKeyB64, String ivB64) {
        return new String(
                decryptOfDiyIV(
                        Base64.decode(encryptDataB64),
                        Base64.decode(sessionKeyB64),
                        Base64.decode(ivB64)
                )
        );
    }

    private static final String KEY_ALGORITHM = "AES";
    private static final String ALGORITHM_STR = "AES/CBC/PKCS7Padding";
    private static Key key;
    private static Cipher cipher;

    private static void init(byte[] keyBytes) {
        // 如果密钥不足16位，那么就补足.  这个if 中的内容很重要
        int base = 16;
        if (keyBytes.length % base != 0) {
            int groups = keyBytes.length / base + (keyBytes.length % base != 0 ? 1 : 0);
            byte[] temp = new byte[groups * base];
            Arrays.fill(temp, (byte) 0);
            System.arraycopy(keyBytes, 0, temp, 0, keyBytes.length);
            keyBytes = temp;
        }
        // 初始化
        Security.addProvider(new BouncyCastleProvider());
        // 转化成JAVA的密钥格式
        key = new SecretKeySpec(keyBytes, KEY_ALGORITHM);
        try {
            // 初始化cipher
            cipher = Cipher.getInstance(ALGORITHM_STR, "BC");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /**
     * 解密方法
     *
     * @param encryptedData 要解密的字符串
     * @param keyBytes      解密密钥
     * @param ivs           自定义对称解密算法初始向量 iv
     * @return 解密后的字节数组
     */
    private static byte[] decryptOfDiyIV(byte[] encryptedData, byte[] keyBytes, byte[] ivs) {
        byte[] encryptedText = null;
        init(keyBytes);
        try {
            cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(ivs));
            encryptedText = cipher.doFinal(encryptedData);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return encryptedText;
    }


    public static JSONObject getPhoneNumber(String encryptedData, String session_key, String iv) {
        // 被加密的数据
        byte[] dataByte = java.util.Base64.getDecoder().decode(encryptedData);
        // 加密秘钥
        byte[] keyByte = java.util.Base64.getDecoder().decode(session_key);
        // 偏移量
        byte[] ivByte = java.util.Base64.getDecoder().decode(iv);
        try {
            // 如果密钥不足16位，那么就补足.  这个if 中的内容很重要
            int base = 16;
            if (keyByte.length % base != 0) {
                int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
                byte[] temp = new byte[groups * base];
                Arrays.fill(temp, (byte) 0);
                System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
                keyByte = temp;
            }
            // 初始化
            Security.addProvider(new BouncyCastleProvider());
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
            AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
            parameters.init(new IvParameterSpec(ivByte));
            cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化
            byte[] resultByte = cipher.doFinal(dataByte);
            if (null != resultByte && resultByte.length > 0) {
                String result = new String(resultByte, StandardCharsets.UTF_8);
                return JSONObject.parseObject(result);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }


    public static Map<String, String> getWxJsApiPayParam(String prePayId, String appid, PrivateKey privateKey) throws Exception {
        return getWxPayParam(prePayId,appid,privateKey,"prepay_id=" + prePayId,"prepay_id=" + prePayId);
    }

    public static Map<String, String> getWxAppPayParam(String prePayId, String appid, PrivateKey privateKey) throws Exception {
        return getWxPayParam(prePayId,appid,privateKey,"Sign=WXPay",prePayId);
    }

    // 支付封装参数
    public static Map<String, String> getWxPayParam(String prePayId, String appid, PrivateKey privateKey, String packages, String signFinallyData) throws Exception {
        String nonceStr = RandomStringUtils.randomAlphanumeric(32);
        long timestamp = System.currentTimeMillis() / 1000;
        //包装prepay_id 等 返给前端由前端拉起支付
        HashMap<String, String> params = new HashMap<>();
        params.put("appId", appid);
        params.put("nonceStr", nonceStr);
        params.put("package", packages);
        params.put("signType", "RSA");
        params.put("timeStamp", String.valueOf(timestamp));
        params.put("prepayid", prePayId);
        //重新签名
        String signMessage = spliceNewline(appid, timestamp, nonceStr, signFinallyData);
        String paySign = "";
        if (params.get("signType").equals("RSA")) {
            paySign = sign(signMessage.getBytes(StandardCharsets.UTF_8), privateKey);
        } else {
            paySign = sign(signMessage.getBytes(StandardCharsets.UTF_8));
        }
        params.put("paySign", paySign);
        return params;
    }



    /**
     * 拼接换行符
     *
     * @param param 参数
     * @return 拼接后的结果
     */
    private static String spliceNewline(Object... param) {
        StringBuilder result = new StringBuilder();
        for (Object str : param) {
            result.append(str).append(StringUtils.LF);
        }
        return result.toString();
    }

    /**
     * 生成签名
     * rsa
     *
     * @param message 签名信息
     * @return 签名
     * @throws Exception 异常
     */
    private static String sign(byte[] message, PrivateKey privateKey) throws Exception {
        Signature sign = Signature.getInstance("SHA256withRSA");
        sign.initSign(privateKey);
        sign.update(message);
        return java.util.Base64.getEncoder().encodeToString(sign.sign());
    }

    /**
     * 生成签名
     * md5
     *
     * @param message 签名信息
     * @return 签名
     * @throws Exception 异常
     */
    private static String sign(byte[] message) throws Exception {
        // 创建一个MessageDigest实例:
        MessageDigest md = MessageDigest.getInstance("MD5");
        // 反复调用update输入数据:
        md.update(message);
        byte[] result = md.digest(); // 16 bytes: 68e109f0f40ca72a15e05cc22786f8e6
        return new BigInteger(1, result).toString(16);
    }
}
